文章目錄
- 項目監控
- 1.添加依賴
- 2.修改配置檔案
- 3.actuator包
- 4.config包
- 5.功能測試
項目監控
1.添加依賴
導入spring-boot-starter-actuator依賴包。
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
2.修改配置檔案
修改配置檔案,配置actuator資訊。
#actuator
management.endpoints.web.exposure.include=*
management.endpoints.web.exposure.exclude=info,caches
3.actuator包
自定義端點:建立actuator包,建立DatabaseEndpoint類。
package com.gerrard.community.actuator;
import com.gerrard.community.util.CommunityUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.actuate.endpoint.annotation.Endpoint;
import org.springframework.stereotype.Component;
import org.springframework.boot.actuate.endpoint.annotation.ReadOperation;
import javax.sql.DataSource;
import java.sql.Connection;
import java.sql.SQLException;
@Component
@Endpoint(id="database")
public class DatabaseEndpoint {
private static final Logger logger= LoggerFactory.getLogger(DatabaseEndpoint.class);
@Autowired
private DataSource dataSource;
@ReadOperation //隻能通過get請求通路
public String checkConnection(){
try (
Connection conn=dataSource.getConnection();
){
return CommunityUtil.getJSONString(0,"擷取連接配接成功!");
} catch (SQLException e) {
logger.error("擷取連接配接失敗:"+e.getMessage());
return CommunityUtil.getJSONString(1,"擷取連接配接失敗!");
}
}
}
4.config包
Config包:在SecurityConfig類中配置相關權限。
package com.gerrard.community.config;
import com.gerrard.community.util.CommunityConstant;
import com.gerrard.community.util.CommunityUtil;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter implements CommunityConstant {
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/resources/**");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// 授權
http.authorizeRequests()
.antMatchers(
"/user/setting",
"/user/upload",
"/discuss/add",
"/comment/add/**",
"/letter/**",
"/notice/**",
"/like",
"/follow",
"/unfollow"
)
.hasAnyAuthority(
AUTHORITY_USER,
AUTHORITY_ADMIN,
AUTHORITY_MODERATOR
)
.antMatchers(
"/discuss/top",
"/discuss/wonderful"
)
.hasAnyAuthority(
AUTHORITY_MODERATOR
)
.antMatchers(
"/discuss/delete",
"/data/**",
"/actuator/**" //項目監控
)
.hasAnyAuthority(
AUTHORITY_ADMIN
)
.anyRequest().permitAll()
.and().csrf().disable();
// 權限不夠時的處理
http.exceptionHandling()
.authenticationEntryPoint(new AuthenticationEntryPoint() {
// 沒有登入
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException {
String xRequestedWith = request.getHeader("x-requested-with");
if ("XMLHttpRequest".equals(xRequestedWith)) {
response.setContentType("application/plain;charset=utf-8");
PrintWriter writer = response.getWriter();
writer.write(CommunityUtil.getJSONString(403, "你還沒有登入哦!"));
} else {
response.sendRedirect(request.getContextPath() + "/login");
}
}
})
.accessDeniedHandler(new AccessDeniedHandler() {
// 權限不足
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) throws IOException, ServletException {
String xRequestedWith = request.getHeader("x-requested-with");
if ("XMLHttpRequest".equals(xRequestedWith)) {
response.setContentType("application/plain;charset=utf-8");
PrintWriter writer = response.getWriter();
writer.write(CommunityUtil.getJSONString(403, "你沒有通路此功能的權限!"));
} else {
response.sendRedirect(request.getContextPath() + "/denied");
}
}
});
// Security底層預設會攔截/logout請求,進行退出處理.
// 覆寫它預設的邏輯,才能執行我們自己的退出代碼.
//認證,認證的邏輯用自己的代碼,哪些地方需要認證配置自己用api配一下,認證成功/失敗用api配一下
//判斷是否登入交給security,用的是securitycontext?
http.logout().logoutUrl("/securitylogout");
}
}
5.功能測試
登入管理者賬号。
通路health端點:
通路自定義的database端點。